The incumbent will work under the direct supervision and guidance of the Cybersecurity Operations Officer (CSO) within the Cybersecurity Division (CS), and will work in close collaboration with other information and cybersecurity teams. The incumbent could be requested to do any other tasks of similar level in related fields.Main duties and responsibilities:Under guidance, develop and build Automation scripts to perform Threat Hunting and Cyber Threat Intelligence (CTI) enrichment.Enhance Cyber Threat Intelligence following Security Incidents to continuously improve our defenses.Collaborate with relevant team members to perform threat and anomaly detection, analytics, and digital forensics investigations.Investigate cybersecurity events escalated from Level I & II Analysts and Clients, providing analysis and recommendations.Under guidance of the Cybersecurity Operations Officer, develop and refine SIEM use cases and response processes/procedures.Align SIEM/SOC use cases with business requirements using a risk-based approach to ensure optimal security posture.Conduct forensic analysis of events, images, packets and other digital evidence to uncover root causes and identify mitigation strategies.Act on and monitor security incident response and remediation efforts, ensuring effective resolution.Perform malware reverse engineering to identify and mitigate threats proactively.Provide ad hoc support either within the Unit or other units as required — this includes the participation in special projects or support to service delivery for short periods of time on a part-time or full-time basis upon request from senior management.Recruitment ProfileExperience and Skills required:A minimum of two (2) years of relevant experience in Information Technology, including conducting or coordinating cybersecurity incident response activities.Proven experience in reviewing raw log files, data correlation, and analysis (i.E. firewall, network flow, IDS, system logs).Demonstrated experience in scripting languages such as Python, PowerShell, or Bash for automation purposes.Strong knowledge of AWS and/or Active Directory.Knowledge of static and dynamic code analysis on x86.Education:First university degree in Computer Science or related field.At least one of the following technical certifications: GCFE, OSCP, GCIH, GCIA, GPEN or other GIAC/similar certifications.Advanced university degree in Management Information Systems, Computer Science, Computer Engineering or similar.Languages:English: Expert knowledge is required.Spanish, Russian or Arabic: Beginner knowledge is desirable.Closing date for applications:Applications will be accepted until midnight (Geneva Time) on 25 September 2024.#J-18808-Ljbffr
